LinkedIn Login Integration Kit

LinkedIn IdP Adapter settings

Field descriptions for the LinkedIn IdP Adapter configuration page:

Standard fields
Field Name Description

Client ID

The client ID that you noted in Register PingFederate as a Microsoft Application.

This field is required.

Client Secret

The client secret that you noted in Register PingFederate as a Microsoft Application.

This field is required.

Permissions

The combined scopes of authority that PingFederate and the application want to request from the LinkedIn user.

These permissions determine which LinkedIn attributes can be added in the Attributes section of the IdP Adapter tab.

Use a space to separate multiple permissions.

The default value is profile openid email.

Error Redirect URL

(Optional) The URL of a custom page that displays when PingFederate receives an error response from LinkedIn. This URL can contain query parameters. The URL has an errorMessage query parameter appended to it that contains a brief description of the error.

If this field is blank, users will see a generic error page.

Learn more about using custom pages in Customizable user-facing pages in the PingFederate documentation.

This field is blank by default.

Unauthorized Redirect URL

(Optional) The URL of a custom page that displays when PingFederate receives a response from LinkedIn that says the user declined the authorization request. This URL can contain query parameters.

If no URL is specified, users will see a default error page.

Learn more about using custom pages in Customizable user-facing pages in the PingFederate documentation.

This field is blank by default.

Callback Endpoint

The PingFederate endpoint that LinkedIn uses to respond to authorization requests. If you set a custom endpoint in Register PingFederate as a Microsoft Application, change this field to match.

This default value is /linkedin-authn.

Advanced fields
Field Name Description

PingFederate Base URL

(Optional) The fully-qualified host name, port, and path (if applicable) of the PingFederate server. For example, https://sso.example.com:9031.

This field affects the redirect URL set in the Register PingFederate as a Microsoft Application step.

If this override field is blank, the URL is determined automatically.

This field is blank by default.

LinkedIn Authentication v2 URL

The LinkedIn API endpoint that PingFederate uses to get the verification codes.

The default value is https://www.linkedin.com/oauth/v2/authorization.

LinkedIn Access Token v2 URL

The LinkedIn API endpoint that PingFederate uses to get access tokens.

The default value is https://www.linkedin.com/oauth/v2/accessToken.

LinkedIn User Data v2 URL

The LinkedIn API endpoint that PingFederate uses to get user attributes.

The default value is https://api.linkedin.com/v2/userinfo.

LinkedIn Sign-On Presentation

Determines how the user is directed to LinkedIn for authentication.

Some browsers block automatic redirects.

If you select Pop-up window and aren’t using PingFederate in authentication API mode, the adapter presents a template file.

LinkedIn Pop-up Template

Applies only when the LinkedIn Sign-On Presentation is set to Pop-up window.

The template file that presents the LinkedIn sign-on form.

The default value is linkedin-pop-up-template.html.

LinkedIn Post Auth Template

Applies only when the LinkedIn Sign-On Presentation is set to Pop-up window.

The template file that the adapter presents after the user signs on.

The default value is linkedin-post-auth-template.html.

LinkedIn Messages File

The language-pack file associated with the LinkedIn Pop-up Template.

The default value is pingfederate-linkedin-adapter-messages.

Retry Request

Determines whether PingFederate will retry requests after it receives a response with a failure code.

This checkbox is selected by default.

Maximum Retries Limit

Determines how many times PingFederate will retry a request.

The default value is 5.

Retry Error Codes

Determines which response codes are considered failures.

The default value is 429.

API Request Timeout

The amount of time in milliseconds that PingFederate allows when establishing a connection with LinkedIn or waiting for a response to a request. A value of 0 disables the timeout.

The default value is 5000.

Proxy Settings

Defines proxy settings for outbound HTTP requests.

The default value is System Defaults.

Custom Proxy Host

The proxy server host name to use when Proxy Settings is set to Custom.

This field is blank by default.

Custom Proxy Port

The proxy server port to use when Proxy Settings is set to Custom.

This field is blank by default.